PicsFactory Adware Profile

PicsFactory has several spyware functions.  It is primarily known to be a Browser Hijacker.  In this capacity, it resets your home page, redirects your browsing, and delivers pop-up advertising.  It is also a Trojan Backdoor program.  These are probably the most dangerous spyware programs.  They allow hackers to have remote access to your computer and all its files.  It also has a keylogging function, which will provide reports of what you have typed on your computer.

It is believed that PicsFactory may have originated in China, Russia, or possibly Spain; most likely China.  It disguises itself as a Toolbar add-on for your Internet browser.  Most of the content of this toolbar is adult entertainment oriented.

It is highly recommended that you remove PicsFactory from your computer.  It presents an immediate threat to the stability of your computer, the speed of its performance, and the security of your privacy.  ZookaWare PC Cleaner can blast this program to smithereens.

Aliases:

Backdoor.Radmin, not-a-virus:  RemoteAdmin.Win32.RAdmin.21, BKDR_IRC.AJ, not-a-virus:  Monitor.Win32.Perflogger.bx, IRC.Backdoor.Trojan, not-a-virus:  Client-IRC.Win32.mIRC.60, Spyware.Perflogger!sd5, Adware.Hengbang!sd5, not-a-virus:  AdWare.Win32.Hengbang.u, Backdoor.IRC.ABN, Spyware.Perfect, RemoteAccess:  Win32/GhostRadmin, Backdoor.IRC.Flood, Generic.dx, Keylog-Perfect.dr, MonitoringTool:  Win32/PerfectKeylogger, not-a-virus:  Monitor.Win32.Perflogger.bx, Trojan.DL.Agent.DYUP, Adware.Adhelper, Adware.Softomate!sd5, Program:  Win32/Henbang, Adware.Adhelper!sd6, Adware.Adsponsor, Adware.Agent!sd5, Adware.BHO.GTT, Adware.SaveNow!sd5, Adware.Softomate, Adware.Voghp, Hacktool, Hacktool Rootkit, not-a-virus:  AdWare.Win32.AdHelper.cd, not-a-virus:  AdWare.Win32.AdHelper.co, not-a-virus:  AdWare.Win32.AdHelper.cr, not-a-virus:  AdWare.Win32.Agent.ay, not-a-virus:  AdWare.Win32.Agent.az, not-a-virus:  AdWare.Win32.BHO, not-a-virus:  AdWare.Win32.BHO.aw, not-a-virus:  AdWare.Win32.BHO.bi, not-a-virus:  AdWare.Win32.Mostofate.u, not-a-virus:  AdWare.Win32.Mostofate.v, not-a-virus:  AdWare.Win32.SaveNow.bo, not-a-virus:  Porn-Dialer.Win32.Sexorap, not-a-virus:  RiskTool.Win32.HideExec.f, Program:  Win32/Fengcent, Troj/DwnLdb-Gen, TROJ_Generic, TROJ_RENOS.EQ, Trojan.Startpage, Generic PUP.i

Associated Files:
%ProgramFiles%\pics-factory toolbar\pics-factory.dll, %System%\drivers\etc\svchost.exe, %System%\oobe\svchost.exe, %Temp%\nsd6.tmp\detectionprocessus.dll, %Temp%\rarsfx0\bpkvw.exe, %Temp%\rarsfx1\bpkvw.exe, %Windir%\svchost.exe, %Windir%\system\svchost.exe, HKEY_CLASSES_ROOT\clsid\{2f16de49-9d33-4849-b812-2ed38c9bce15}
HKEY_CLASSES_ROOT\clsid\{661294f7-1833-46b3-99ea-7af25a41fc33}
HKEY_CLASSES_ROOT\toolbar3.xbtp00364
HKEY_CLASSES_ROOT\typelib\{4047a04b-4969-4bae-932c-76fd0d155edb}
HKEY_CLASSES_ROOT\xbtb00364
HKEY_CLASSES_ROOT\xbtb00364.ietoolbar
HKEY_CURRENT_USER\software\xbtb00364
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{661294f7-1833-46b3-99ea-7af25a41fc33}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2f16de49-9d33-4849-b812-2ed38c9bce15}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xbtb00364.xbtb00364toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser, {661294f7-1833-46b3-99ea-7af25a41fc33}=[%HEX_ARRAY%]
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping, {661294f7-1833-46b3-99ea-7af25a41fc33}=
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser, {661294f7-1833-46b3-99ea-7af25a41fc33}=F79412663318B34699EA7AF25A41FC33
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser, {661294f7-1833-46b3-99ea-7af25a41fc33}=
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar, {661294f7-1833-46b3-99ea-7af25a41fc33}=

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php